CVE-2026-34542 iccDEV: SBO in CIccCalculatorFunc::Apply()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow SBO in CIccCalculatorFunc::Apply when processed via iccApplyNamedCmm. Under AddressSanitizer, the failure is reported as...

Arbitrary Code Execution

Overview jsen is a JSON-Schema validator built for speed Affected versions of this package are vulnerable to Arbitrary Code Execution. If an attacker can control the schema file, it could run arbitrary JavaScript code on the victim machine. In the module description and README file there is no...

The vulnerabilities of PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, as well as PDF viewing programs like Adobe Reader and Adobe Reader Document Cloud, allow attackers to circumvent JavaScript restrictions.

The vulnerability in the implementation of the Function apply in PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, as well as in PDF viewing programs like Adobe Reader and Adobe Reader Document Cloud, is related to deficiencies in access control for certain functions...